Skip to content

Commit b96c1d5

Browse files
juliaElasticjuliaElastic
authored
[Fleet] Added all privilege to kibana_system to logs-fleet_server.* index pattern (#106815) (#106863)
* Update KibanaOwnedReservedRoleDescriptors.java * replaced all with read, delete_index
1 parent 870f662 commit b96c1d5

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/store/KibanaOwnedReservedRoleDescriptors.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -198,7 +198,7 @@ static RoleDescriptor kibanaSystem(String name) {
198198
// Fleet publishes Agent metrics in kibana task runner
199199
RoleDescriptor.IndicesPrivileges.builder().indices("metrics-fleet_server*").privileges("all").build(),
200200
// Fleet reads output health from this index pattern
201-
RoleDescriptor.IndicesPrivileges.builder().indices("logs-fleet_server*").privileges("read").build(),
201+
RoleDescriptor.IndicesPrivileges.builder().indices("logs-fleet_server*").privileges("read", "delete_index").build(),
202202
// Legacy "Alerts as data" used in Security Solution.
203203
// Kibana user creates these indices; reads / writes to them.
204204
RoleDescriptor.IndicesPrivileges.builder().indices(ReservedRolesStore.ALERTS_LEGACY_INDEX).privileges("all").build(),

0 commit comments

Comments
 (0)